What You’ll Do
The Senior Cybersecurity Engineer will be part of a global team of security experts driving ‘Security by Design’ philosophy in Eaton product and solutions."Senior Cybersecurity Engineer will be part of a global team of Cybersecurity experts driving cybersecurity certifications for Eaton product and solutions.
He/she Will Be Responsible For
- Performing Vulnerability Assessment & Penetration Testing on existing and upcoming Eaton products and solutions spanning a wide range of technologies including IoT devices, systems & solutions, web applications, mobile applications, thick clients, wireless devices, embedded systems deployed across industries such as electrical, vehicle, eMobility, hydraulics and aerospace.
- Driving Threat Modeling and Risk Assessment exercise with product teams early in the design and development phase to identify applicable cybersecurity requirements, in line with various cybersecurity standards.
- Providing hands-on guidance to product teams as they implement complex cybersecurity features and requirements in their products, in line with various cybersecurity standards.
- Evangelizing and providing technical security trainings to software developers and test engineers across the organization and evangelizing the importance of cybersecurity in other functions like product / project management & sales /services.
- Monitoring evolving threat landscape, cybersecurity technologies, standards, frameworks and drive continuous improvement in Eaton’s cybersecurity requirements, frameworks and processes.
- Performing Product Cybersecurity Certifications for Eaton Products for standards such as UL2900, IEC62443 etc. as per requirements"
Qualifications
Bachelor’s or master’s degree in Computer Science, Electronics Engineering, Electrical Engineering.5-7 years of relevant experience in Product cybersecurity
Skills
"The engineer should be -
- Understanding and experience in working across multiple phases of Secure Product Development Lifecycle, performing Penetration Testing of various technologies and Threat Modeling of products, systems and solutions. Focus on Cloud / Industrial IoT products is desirable.
- Coding experience in one or more general purpose languages
- Knowledge of attacks and mitigation in : Cloud-based applications, Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application securtiy.
- Having a knowledge of cybersecurity standards like UL2900, IEC62443-4-1, 4-2, 3-3 etc.
- Able to understand cybersecurity concepts in depth and be able to apply those concepts to Eaton products for cybersecurity testing.
- Able to perform Threat Modeling and Risk Assessment for Eaton products
- Having hands-on experience in various Cybersecurity activities including but not limited to - Cybersecurity assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; secure coding; preferably on embedded, ICS and IoT products.
- Having hands on expertise with cybersecurity tools like Nessus, Black Duck, Defensics, Nessus, Burpsuite, Coverity, Kali Linux etc.
- Having Good understanding of security protocols (HTTPS, HSTS, TLS, SSH, 802.11 security, Bluetooth, Zigbee) and ICS protocols (IEC 61850, DNP3, Modbus, WirelessHART, CAN)
- Having knowledge of attacks and mitigation in : Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, OS X, Android); Web application and browser security.
- Having certifications like CEH, GSEC, OSCP is a plus."
"1) Ability to work in and with diverse & multi-cultural and geographically dispersed teams
- Ability to collaborate across multi-disciplinary teams (legal, IT, product management, project management)
- Ability to present to various levels of engineering and business leadership globally.
- Excellent Documentation Skills
- Be a technical mentor to other members of the team and beyond as needed"
